Shadow Broker? NSA Contractor Arrested for Allegedly Stealing Classified Code
Harold Martin worked at the same firm that Edward Snowden did, and 'had a top secret national security clearance'
The FBI in August secretly arrested a National Security Agency (NSA) contractor for allegedly stealing "highly classified computer codes," the New York Times reported Wednesday, citing anonymous government sources.
The court complaint released Wednesday names the contractor as 51-year-old Harold Martin III, a Navy veteran living in Maryland. Like NSA whistleblower Edward Snowden, Martin reportedly worked for the consulting firm Booz Allen Hamilton. A statement from the Department of Justice (DOJ) states that Martin "had a top secret national security clearance."
According to Politico, Martin
was charged with felony theft of government information and misdemeanor unauthorized retention of classified information. He appeared in federal court in Baltimore on Aug. 29 and has been in government custody since, a Justice Department statement said. [...]
FBI agents executed search warrants at Martin's Glen Burnie, Md. residence on Aug. 27 and found sensitive information classified up to the "Top Secret/Sensitive Compartmented Information" level, the Justice Department said. The official announcement indicated that Martin allegedly took information that could have a broad-based impact on government operations.
The Times reported that Martin "is suspected of taking the highly classified 'source code' developed by the agency to break into computer systems of adversaries like Russia, China, Iran, and North Korea."
The Verge writes:
That could describe the NSA secrets detailed in a 2013 Der Spiegel report on the Tailored Access Operations program, which drew on classified documents but was notably not attributed to Edward Snowden. No source code was published as part of the report but it did detail numerous agency tools for compromising hostile networks, and it's possible source code was supplied to journalists and never published.
The statement could also describe the recent publication of NSA exploits by a group calling itself the "Shadow Brokers." That leak did include source code — including a number of previously undisclosed vulnerabilities—and comparison with unpublished Snowden documents confirmed that it did originate with the NSA. The leak was widely attributed to Russian intelligence services, but the attribution was not conclusive, and it was fully never determined how the group obtained the source code.
Indeed, the Times reported that "[a]s investigators look into Mr. Martin's case, it is almost certain that they will focus on whether" the contractor was behind the Shadow Brokers leak.
"That material...was thought by outside experts to have been obtained by hacking rather than from an insider," the Times notes. "Now, in light of the arrest, that assumption may have to be revised. The code released by the Shadow Brokers was dated to 2013, meaning that it almost certainly has been overtaken by more recent code."
Still, others expressed skepticism on social media that Martin was the Shadow Brokers' source.
OK, if limited to what's in the complaint, this was NOT Shadow Brokers source, which makes sense. https://t.co/UiHS8B98dT
— Nicholas Weaver (@ncweaver) October 5, 2016
Here's what I think right now: Martin not connected to Shadow Brokers but was uncovered in the course of the Shadow Brokers probe.
— Katie Bo Williams (@KatieBoWill) October 5, 2016
According to the DOJ statement, "If convicted, Martin faces a maximum sentence of one year in prison for the unauthorized removal and retention of classified materials, and ten years in prison for theft of government property."
On Twitter, Snowden and others noted that Martin appears to not face espionage charges—as Snowden does.
Am I correct in reading they didn't charge him under the Espionage Act? Under this administration, that's a noteworthy absence.
— Edward Snowden (@Snowden) October 5, 2016
— unR̶A̶D̶A̶C̶K̶ted (@JesselynRadack) October 5, 2016
And the Guardian points out that Martin's "arrest is a major embarrassment for the NSA and its contractor Booz Allen coming just three years after Snowden, who worked for both."
Indeed, national security commentator Marcy Wheeler wrote online:
So if Martin ISN'T Shadow Brokers guy, it means NSA has got pwned two times in immediate wake of Snowden, and for at least 6 months after.
— emptywheel (@emptywheel) October 5, 2016
What's more, the Guardian continued, "[t]he new breach provides fresh arguments for privacy activists who argue that the NSA cannot be trusted to protect all the personal data it gathers, from bank accounts to health records."
Nobody is more inept at securing its own data than NSA. But trust them to keep all yours safe and secure! https://t.co/mS04JOQc8v
— Glenn Greenwald (@ggreenwald) October 5, 2016
Just this week, Reuters reported that Yahoo secretly scanned all of its customers' incoming emails for a specific set of characters, at the behest of either the NSA or FBI.